Event ID - 139

Port No139
Service NameMsinit
RFC Doc0
ProtocolUDP
DescriptionThis malicious network-enabled worm spreads copies of itself through open network shares. It modifies the registry such that it is executed whenever Windows starts up. It slows down the loading of Windows and disables the infected system's connection to the network.
Reference LinkMsinit Trojan
AttackSOLUTION :
1.Click START|RUN Type REGEDIT and hit ENTER key 2.In the left panel, click the "+" to the left of the following: HKEY_LOCAL_MACHINE
Software
Microsoft
Windows
CurrentVersion
RunServices
3.In the right panel, search for any of the registry key that contains the data value of "msinit = or msinit = "c:\Windows\System\DNETC.EXE". In the right window, highlight the registry key that loads the file and press the DELETE key. Answer YES to delete the entry.
4.Exit registry.
5.Click START|SHUTDOWN. Choose "Restart” and click OK.
6.Restart computer.
7.Scan your system with Trend antivirus and delete all files detected as TROJ_MSINIT.A. To do this Trend customers must download the latest pattern file and scan their system. Other email users may use Trend HouseCall, a free online virus scanner.

Catch threats immediately

We work side-by-side with you to rapidly detect cyberthreats
and thwart attacks before they cause damage.

See what we caught

Did this information help you to resolve the problem?

Yes: My problem was resolved.
No: The information was not helpful / Partially helpful.